Application No.: 10/731,371 

Reply to Office Action dated: August 28, 2007 

Reply dated: April 11, 2008 

In the Claims: 

Please amend Claims 1, 3-5, 13, 16-18, 26, 28, 30, 38, 40, 42, and 48 as shown below. 
Applicant respectfully reserves the right to prosecute any originally presented claims in a continuing 
or future application. 

1. (Currently Amended) A system for single security administration comprising: 

a plurality of first type servers server that includes an LDAP authentication server, wherein 

each of the plurality of first type servers server holds information of group information and access 
control list and includes an LDAP authentication server; 

a second type server that includes an embedded LDAP server; 

a single security data repository that resides in the second type server and provides to the 
second type server user security information associated with both the plurality of first type server 
servers and the second type server; 

a default security plugin at each of said plurality of first type server servers that receives 
authentication requests from clients and forwards them to said LDAP authentication server; and, 

wherein, in response to receiving a request for authentication from a client, the system 
initiates an LDAP session between one of said plurality of first type server servers and said second 
type server, passes query information from said LDAP authentication server to said embedded 
LDAP server, receives corresponding user information, and creates a token that reflects an 
authentication result that can be used by said client. 

2. (Original) The system of claim 1 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

3. (Currently Amended) The system of claim 1 wherein each of said plurality of first type server 
servers is a WebLogic an application server. 

4. (Currently Amended) The system of claim 1 wherein said second type server is a Tuxedo an 
enterprise server. 

5. (Currently Amended) The system of claim 1 wherein each of said plurality of first type server 
servers is a WebLogic server, and said second server is a Tuxedo server. 

6. (Original) The system of claim 1 wherein said client is a Tuxedo client and said request is a 
tpinit call. 

7. (Original) The system of claim 1 wherein said query information is query user information that 
specifies a particular user or group of users. 

8. (Previously Presented) The system of claim 1 wherein the system includes a plurality of servers. 

9. (Original) The system of claim 8 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

10. (Original) The system of claim 1, further comprising a user information cache that caches a 
copy of said user information. 

11. (Original) The system of claim 1 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 

12. (Original) The system of claim 1 wherein at least one of said servers include a console 
program for administering the security of the system. 

13. (Currently Amended) A method for providing single security administration comprising the 
steps of: 

issuing a call to an LDAP authentication server at one of a first type server servers, wherein 
the one of the first type server servers holds information of group information and access control 
list; 

passing query user information from said LDAP authentication server to an embedded 
LDAP server at a second type server, wherein the second type server includes a single security 
data repository that provides the second type server user security information associated with both 
the one of the first type server servers and the second server; 

returning corresponding user information to said LDAP authentication server; and, 

providing an authentication token for use by the client. 

14. (Original) The method of claim 13, further comprising the step, prior to issuing a call, of 
allowing a client to access a default security plugin. 

15. (Previously Presented) The method of claim 13, further comprising: 

checking a user profile database or user profile configuration information to determine 
where the user security information is stored. 

16. (Currently Amended) The method of claim 13 wherein each of said plurality of first type server 
servers is a WebLogic an application server. 

17. (Currently Amended) The method of claim 13 wherein said second type server is a Tuxedo an 
enterprise server. 

18. (Currently Amended) The method of claim 13 wherein each of said plurality of first type server 
servers is a WebLogic server, and said second server is a Tuxedo server. 

19. (Original) The method of claim 13 wherein said client is a Tuxedo client and said request is 
a tpinit call. 

20. (Previously Presented) The method of claim 13 wherein said query user information is query 
user information that specifies a particular user or group of users. 

21. (Previously Presented) The method of claim 13, further comprising: 

including a plurality of servers. 

22. (Original) The method of claim 21 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

23. (Original) The method of claim 13, further comprising a user information cache that caches 
a copy of said user information. 

24. (Previously Presented) The method of claim 13, further comprising: 

being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

25. (Original) The method of claim 13 wherein at least one of said servers include a console 
program for administering the security of the system. 

26. (Currently Amended) A system for single security administration comprising: 

an enterprise server that holds information of group information and access control list; 

an a plurality of application server that servers, wherein each one of the plurality of 
application servers includes an embedded LDAP server; 

a single security data repository that resides in each one of the plurality of the application 
server servers and provides each one of the plurality of the application server servers with user 
security information that is associated with both the enterprise server and each one of the plurality 
of the application server servers; and, 

wherein, in response to receiving a request for authentication from a client of the enterprise 
server, the system initiates an LDAP session between one of said plurality of application server 
servers and said enterprise server, receives query information from an LDAP authentication server 
at said enterprise server, creates a token that reflects an authentication result that can be used by 
said client, and communicates said token to the enterprise server. 

27. (Original) The system of claim 26 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

28. (Currently Amended) The system of claim 26 wherein one of said plurality of application server 
is a WebLogic server. 

29. (Original) The system of claim 26 wherein said other enterprise server is a Tuxedo server. 

30. (Currently Amended) The system of claim 26 wherein one of said plurality of application server 
servers is a WebLogic server, and said second other enterprise is a Tuxedo server. 

31. (Original) The system of claim 26 wherein said client is a Tuxedo client and said request is a 
tpinit call. 

32. (Original) The system of claim 26 wherein said query information is query user information that 
specifies a particular user or group of users. 

33. (Previously Presented) The system of claim 26 wherein the system includes a plurality of 
servers. 

34. (Original) The system of claim 33 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

35. (Original) The system of claim 26, further comprising a user information cache that caches a 
copy of said user information. 

36. (Original) The system of claim 26 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 

37. (Original) The system of claim 26 wherein at least one of said servers include a console 
program for administering the security of the system. 

38. (Currently Amended) A method for single security administration comprising: 

holding information of group information and access control list at an enterprise server; 

receiving, at an LDAP server at one of an a plurality of application server servers, a request 
for authentication from a client of the enterprise server, wherein the one of a plurality of application 
server servers connects to a single security data repository for user security information associated 
with both the enterprise server and the application server; 

initiating an LDAP session between said one of the plurality of application server servers 
and said enterprise server; 

receiving query information from an LDAP authentication server at said enterprise server; and, 

creating a token that reflects an authentication result that can be used by said client; and, 

communicating said token to said enterprise server. 

39. (Original) The method of claim 38 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

40. (Currently Amended) The method of claim 38 wherein one of said plurality of application server 
servers is a WebLogic server. 

41. (Original) The method of claim 38 wherein said other enterprise server is a Tuxedo server. 

42. (Currently Amended) The method of claim 38 wherein one of said plurality of application server 
servers is a WebLogic server, and said second other enterprise is a Tuxedo server. 

43. (Original) The method of claim 38 wherein said client is a Tuxedo client and said request is 
a tpinit call. 

44. (Original) The method of claim 38 wherein said query information is query user information 
that specifies a particular user or group of users. 

45. (Previously Presented) The method of claim 38, further comprising: 

including a plurality of servers. 

46. (Original) The method of claim 45 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

47. (Original) The method of claim 38, further comprising a user information cache that caches 
a copy of said user information. 

48. (Previously Presented) The method of claim 38, further comprising: 

being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

49. (Original) The method of claim 38 wherein at least one of said servers include a console 
program for administering the security of the system. 